<?
if (preg_match("#" . basename(__FILE__) . "#", $_SERVER['PHP_SELF'])) {
	die('This page cannot be called directly.') ;
}

class ajax_admin
{
	function playme(){
		 $code = Url::getParam('code');
        //yêu cầu đặt tên $code=tên của method trong class

        if (method_exists($this, $code)) {
            $this->$code();
        } 
        else
        {
            $this->home();
        }
	}
	
	function home(){
		global $display;
		die("Nothing to do...");
	}
	    
	function fn_del_user_admin(){
			
		if(!User::is_login()){
			echo "not_login";
			exit;
		}
		
		$user = array();		
		$user_id = (int)Url::get("user_id");
		$user = User::getUser($user_id);
		
		if($user){
			
		}
		else{ 
			echo "unsuccess";
			exit();
		}
		
		if(User::is_root()){
			User::delete_user($user_id);			
			echo "success";
			exit;			
		}
		else{
			echo "no_perm";
			exit;
		}				
	}
	
	function fn_send_email_active(){
  		if(!User::is_login()){
				echo "not_login";
				exit;
		}
		
		if(!User::have_permit(ADMIN_USER)){
			echo "no_perm";
			exit;
		}	
		$user_id = (int)Url::get("user_id",0);
			if($user_id){
				$user = User::getUser($user_id);
				if($user["user_activated"]==1){
					if(USER_ACTIVE_ON){
					$active	= DB::select("user_active","user_id=".$user["user_id"]);
					$active_code = md5(TIME_NOW.$user["user_pass_md5"]);
					if($active){
						$active	=	array(
										"id"		 =>$active["id"],
										"user_id"	 =>$user["user_id"],
										"active_code"=>$active_code,
										"time"		 =>TIME_NOW,
										);
					}
					else{
						$active	=	array(
										"user_id"	 =>$user["user_id"],
										"active_code"=>$active_code,
										"time"		 =>TIME_NOW,
										);
					}
					
					global $display;
					$display->add("active_account", 0);
					$display->add("rb_url",WEB_ROOT);
					$display->add("user_id",$user["user_id"]);
					$display->add("user_email", $user["user_email"]);
		            $display->add("user_name", $user["user_name"]);
					$display->add("active_code",$active_code);
					$display->add("SUPPORT_TEL",SUPPORT_TEL);
					$display->add("SUPPORT_EMAIL",SUPPORT_EMAIL);
					$content_email = $display->output("send_active_mail",1,"RegisterSuccess");
					
					if(EMAIL_ON && System::sendECEmail(TEST_EMAIL != ""?TEST_EMAIL:$user["user_email"],"Kích hoạt lại tài khoản " . WEB_NAME . "!",$content_email)){
						echo "success";
						exit;
					}
					else{
						echo "unsuccess";
						exit;
					}
				}
				else{
					DB::query("UPDATE user SET user_activated = 0 WHERE user_id=".$user["user_id"]);
					User::getUser($user["user_id"],1);
					echo "unsuccess";
					exit;
				}
			}
			else{
				echo "unsuccess";
				exit;
			}
		}	
	}
   	
	function fn_ban_nick(){//Khoá thành viên
		if(!User::is_login()){
			echo 'no_login';	
			exit;
		}
		if(!User::have_permit(array(ADMIN_USER,MOD_LOCK_USER))){
			echo 'no_perm';	
			exit;
		}
		
		$ban_date = intval(Url::getParam('ban_date'));	
		$type_lock = intval(Url::getParam('type_lock'));	
		$reason_lock = Url::getParam('reason_lock');	
		$user_id = intval(Url::getParam('user_id'));
		$user_email = Url::getParam('user_email');
			
		// update lich up tin
		//DB::query("UPDATE up_item_schedule SET status=0 WHERE user_id = $user_id AND status = 1");
				
		if($type_lock==2 && $user_id!=207922){// khoá vĩnh viễn 				
			DB::update('user',array('block_time'=>"-1"),'id ='.$user_id);
			DB::insert('user_lock',array('time'=>TIME_NOW,'user_id'=>$user_id,'user_email'=>$user_email,'type'=>1,'note'=>$reason_lock,'admin_id'=>User::id(),'admin_name'=>User::user_email()));
			//User::getUser($user_id,1);
			
			//$ad_ids = "";
			// Xoa luon tin cua thanh vien do 
			//$result = DB::query("SELECT ad_id FROM phpclass_ad WHERE ad_owner = $user_id");
//			while ($row = mysql_fetch_assoc($result)) {
//    			$ad_ids .= ($ad_ids?",":"").$row["ad_id"];
//			}
//			Item::delete_items($ad_ids);
			
			echo "lock_not_cookies";
			exit;
		}
		elseif($type_lock==3 && $user_id!=207922){// khoá vĩnh viễn + khoá cookies
			DB::update('user',array('block_time'=>"-1"),'id ='.$user_id);
			DB::insert('user_lock',array('time'=>TIME_NOW,'user_id'=>$user_id,'user_email'=>$user_email,'type'=>3,'note'=>$reason_lock,'admin_id'=>User::id(),'admin_name'=>User::user_email()));
			//User::getUser($user_id,1);
			
//			$ad_ids = "";
//			// Xoa luon tin cua thanh vien do 
//			$result = DB::query("SELECT ad_id FROM phpclass_ad WHERE ad_owner = $user_id");
//			while ($row = mysql_fetch_assoc($result)) {
//    			$ad_ids .= ($ad_ids?",":"").$row["ad_id"];
//			}
//			Item::delete_items($ad_ids);
			
			echo "lock_cookies";
			exit;
		}				
		elseif($ban_date>0 && $user_id!=207922){//Khoá có thời hạn			
			$time_start = mktime(24,0,0,date('m'),date('d'),date('Y'));
			$time_expire = $time_start+$ban_date*24*3600;						
			if(DB::query("UPDATE user SET block_time=$time_expire WHERE user_id = $user_id")){	
				DB::insert('user_lock',array('time'=>TIME_NOW,'time_expire'=>$time_expire,'user_id'=>$user_id,'user_name'=>$user_email,'type'=>0,'note'=>$reason_lock,'admin_id'=>User::id(),'admin_name'=>User::user_email()));
				User::getUser($user_id,1);
				$ad_ids = "";
				$items = array();
				
				//Kiem duyet tin cua thanh vien do 
				$result = DB::query("SELECT ad_id FROM phpclass_ad WHERE ad_owner = $user_id");
				while ($row = mysql_fetch_assoc($result)) {
        			$ad_ids .= ($ad_ids?",":"").$row["ad_id"];
        			$items[$row["ad_id"]] = $row;
				}
				DB::update('phpclass_ad',array("ad_is_validated"=>2),"ad_owner = $user_id");
				
				if(MONGO_ON){
					$mongo_data = array("ad_is_validated"=>2);
					Item::MongoUpdate(explode(",", $ad_ids) , $mongo_data);
				}
				
				// update real time Sorl
				if (SOLR_ON)
				{
					Solr::doUpdateItem(explode(",", $ad_ids));
				}
				
				if(MEMCACHE_ON){
					foreach($items as $item){
						global $memcache;
						ECMemcache::do_put("item:{$item["ad_id"]}", $item);	
						unset($memcache_array);					
					}
				}
				echo '<font color="red"><strong>'.date('H:i d/m/y ',$time_expire).'</strong></font>';
				exit;	
			}
			else{
				echo "unsuccess";
				exit;	
			}
		}
		else {
			echo "invalid";
			exit;	
		}
	}
	
	function fn_un_ban_nick(){
		$user_id = (int)Url::get('user_id',0);
		$user = User::getUser($user_id);
		if(!$user_id || !$user || !User::have_permit(array(ADMIN_USER))){
			echo "no_perm";
			exit;
		}	
		
		if($user_id){							
			DB::update('user',array('block_time'=>TIME_NOW),"id = $user_id");
			$user_lock = DB::fetch('SELECT id FROM user_lock WHERE user_id='.$user_id." ORDER BY id DESC LIMIT 1");
			DB::update('user_lock',array('unlock_time'=>TIME_NOW,'unlock_user'=>User::user_email()),'id = '.$user_lock["id"]);
			//User::getUser($user_id,1);
			echo "success";
			exit;
		}
	}
	
	///////////////////////////////////////////////////////////////////////////////////////////////////	
	function add_admin()
	{
		if(!User::is_admin())
		{
			echo 'no_perm';	
			exit;
		}
		
		$id_admin 			= (int)Url::get('id_admin');
		$user_email_admin 	= Url::getParam('user_email_admin');
		$group_id 		 	= (int)Url::getParam('group_id');
		
		if($group_id==9 && !User::is_root()){//Nếu phân quyền root
			echo 'no_perm';	
			exit;
		}
		
		if($id_admin>0 || $user_email_admin!='')
		{
			if($id_admin)
			{
				$user 	= 	User::getUser($id_admin);
			}
			else
			{
				$user	=	DB::select('user','email="'.$user_email_admin.'"');
			}
			
			if($user)
			{
				$groups	=	User::get_groups($user['gids']);
				
				if(isset($groups[$group_id]))
				{
					User::getUser($user['user_id'],1);
					
					echo "exist_admin";
					exit;
				}
				else{
					if($user['gids']=='0' || $user['gids']=='')
					{
						$user['gids']=$group_id;
					}
					else{
						$user['gids'].='|'.$group_id;
					}
					
					if(DB::query('UPDATE user SET gids="'.$user['gids'].'" WHERE id='.$user['id']))
					{
						User::getUser($user['id'],1);
						
						echo "success";		
						exit;
					}
					else {
						echo "unsuccess";		
						exit;
					}
				}
			}
			else{
				echo "no_exist";
				exit;
			}
		}
		else {
			echo "invalid";
			exit;	
		}
	}
	
	function grant_permit(){
		if(!User::is_admin()){
			echo 'no_perm';	
			exit;
		}
		
		$type				= (int)Url::get('type');
		$ref_id				= (int)Url::get('ref_id');
		$pids 				= Url::getParam('pids');
		
		if($ref_id==0 && in_array($ref_id,array(1,9))){//Không được phân quyền cho admin và root
			echo "unsuccess";	
			exit;
		}
		
		if($ref_id>0)
		{
			if($type==0 && !isset(CGlobal::$group[$ref_id]) && !DB::select("user_groups","id=$ref_id"))
			{
				echo "invalid";
				exit;
			}
			elseif($type==1 && !User::getUser($ref_id)){
				echo "invalid";
				exit;	
			}
			
			$permit	=	DB::select('user_permit','type='.$type.' AND ref_id='.$ref_id);
			
			if(!$permit)
			{
				$permit=array(
								'type'	=>$type,
								'ref_id'=>$ref_id,
								'pids'	=>$pids,
								);
			}
			else{
				$permit['pids']=$pids;
			}
			
			if(DB::insert('user_permit',$permit,true))
			{
				if($type==1)
				{
					User::getUser($ref_id,1);
				
					User::get_permits(1,$ref_id);
				}
				
				echo "success";		
				exit;
			}
			else
			{
				echo "unsuccess";		
				exit;
			}
		}
		else {
			echo "invalid";
			exit;	
		}
	}
    ///////////////////////////////////////////////////////////////////////////////////////////////////



	function fn_reset_pas(){
		$user_id = Url::getParam('user_id');
		$user 	 = User::getUser($user_id);
		
		if(!$user_id || !$user || !User::have_permit(ADMIN_USER)){
			echo "no_perm";
			exit;
		}								
		
		$gid 		  = User::check_admin($user['gids']);
		
		if($user_id !=User::id() && ($gid == 9 || ($gid==1 && !User::is_root()) )){//root ko đc đổi pass của root, admin ko đc đổi pass admin
			echo "no_perm";
			exit;
		}
		
		$checked = Url::getParam('checked');		
		$pas = Url::get('pas');
		$user_email 	= $user['user_email'];		
		
		if($checked=='on'){
			$messenger=file_get_contents('templates/ForgotPassword/reset_password.html');
			$message=str_replace('[[|user_name|]]',$user_email,$messenger);
			$message=str_replace('[[|password|]]',$pas,$message);
			$subject = 'Khôi phục lại mật khẩu trên ' . WEB_NAME;
			if(EMAIL_ON && System::sendECEmail(TEST_EMAIL != ""?TEST_EMAIL:$user_email,$subject,$message)){
					$id_update = DB::update('user',array('password'=>User::encode_password($pas)),"id =$user_id");
					if($id_update){
						echo "success";
						exit;
					}
				}
			else{
				echo "unsuccess";
				exit;
			}		
		}
		else{
			$id_update = DB::update('user',array('password'=>User::encode_password($pas)),'id ="'.$user_id.'"');
			if($id_update){
				echo "success";
				exit;
			}
		}				
	}	
	
  	function fn_active_user(){
		if(!User::is_login()){
			echo "not_login";
			exit;
		}
		
		if(!User::have_permit(ADMIN_USER)){
			echo "no_perm";
			exit;
		}	
		
		$user_id = Url::getParam('user_id');
		$gids 	 = Url::getParam('gids');
		$action 	 = Url::getParam('action');	
			
		if(!User::check_higher_permis(User::$current->data['gids'],$gids)){
			echo "no_perm";
			exit;
		}
		
		if($user_id && $action=='de_active'){
			$user_info = DB::fetch('SELECT password FROM user WHERE id="'.$user_id.'"');
			$active_code = md5(TIME_NOW.$user_info['password']);
			
			$id_update = DB::update('user',array('is_active'=>1),'id="'.$user_id.'"');
			$id_insert = DB::insert('user_active',array('user_id'=>$user_id,'active_code'=>$active_code,'time'=>TIME_NOW));
		
			if($id_update && $id_insert ){
				echo "success";
				exit;
			}else{
				echo "unsuccess";
				exit;
			}		
		}
		elseif($user_id && $action=='active'){
			$id_update = DB::update('user',array('is_active'=>0),'user_id="'.$user_id.'"');
			//$id_delete = DB::delete('user_active','user_id="'.$user_id.'"');
			
			if($id_update ){
				echo "success";
				exit;
			}else{
				echo "unsuccess";
				exit;
			}
			
		}
		else{
			echo "unsuccess";
			exit;
		}
  	}

	function add_edit_ban_ip()
	{
		if(!User::have_permit(ADMIN_ITEM)){
			echo "no_perm";
			exit;
		}
		
		$user_email = User::user_email();
		$create_time = TIME_NOW;
		
		$ban_id = Url::get('ban_id',0);
		$ban_ip = Url::get('ban_ip',0);
		$ban_reason = Url::getParam('ban_reason',"");
				
		if($ban_ip){
			$ban_ip = str_replace(' ', '', $ban_ip );
			$item_array = array(
						'ip' => $ban_ip,
						'reason' => $ban_reason,
						'create_time' => $create_time,
						'user_email' => $user_email
				);
			if(!$ban_id){
				DB::insert('ban_ip',	$item_array);
				$ban_id = mysql_insert_id();
			}
			else {
				DB::update('ban_ip', $item_array,'id = '.$ban_id);
			}
			$item_array += array('id' => $ban_id);
			$item_array['create_time'] = date('d/m - h:i',$item_array['create_time']);
			
			// cho mang vao memcache
			$sql = "SELECT * FROM ban_ip Order by id desc";
			$result = DB::query($sql);
			while ($row = mysql_fetch_assoc($result)) {
				$row['create_time'] = date('d/m - h:i',$row['create_time']);
				$arr_mem_cache[$row['ip']] = $row;
			}
			ECMemcache::do_put('list_ban_ip',$arr_mem_cache);
			
			echo json_encode($item_array);
		}
		else{
			echo "not_ip";
		}
		exit();							
	}
}
?>